Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/ErG2Wk0RU5sLE1CupdDzRiu4ml4.roa
File: ErG2Wk0RU5sLE1CupdDzRiu4ml4.roa (raw, json)
Hash identifier: yhUx2jGk1qxrn75S+Q5CxP6phMmgtwWYsSW31104e/Q=
Subject key identifier: 12:B1:B6:5A:4D:11:53:9B:0B:13:50:AE:A5:D0:F3:46:2B:B8:9A:5E
Certificate issuer: /CN=51cf732a8a7439e9280f23ef57849814af195ae0
Certificate serial: 018CC86F4145797BEE341CD458FCCF3A5F85
Authority key identifier: 51:CF:73:2A:8A:74:39:E9:28:0F:23:EF:57:84:98:14:AF:19:5A:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/ErG2Wk0RU5sLE1CupdDzRiu4ml4.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47622
IP address blocks: 91.246.26.0/23 maxlen: 24
185.169.120.0/22 maxlen: 24
5.199.0.0/17 maxlen: 24
212.74.32.0/19 maxlen: 24
2a00:17f8::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:41:45:79:7b:ee:34:1c:d4:58:fc:cf:3a:5f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51cf732a8a7439e9280f23ef57849814af195ae0
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12b1b65a4d11539b0b1350aea5d0f3462bb89a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ea:a9:a5:d5:9e:66:10:e9:1d:05:a5:a3:91:
58:aa:53:b8:43:3d:f2:a7:db:fb:77:73:80:38:57:
99:e5:99:0f:56:09:bd:c4:04:24:5f:5e:0d:12:62:
82:77:f0:1d:3b:8c:9f:bf:16:0d:4f:19:85:8e:d0:
23:da:6d:84:6c:ef:21:56:69:fd:23:4d:b7:81:fb:
77:4d:91:ae:ef:7e:85:a9:22:87:1c:6f:e9:77:d2:
82:c9:9e:c6:02:21:13:12:37:39:fe:92:84:1f:e2:
d7:c7:1f:36:c3:a2:36:bb:65:31:3d:8c:ea:a9:43:
a6:ea:76:ed:38:22:c7:40:f5:2e:b1:c5:0c:e6:9e:
3b:8c:95:1d:de:7d:2d:fa:a9:46:3c:db:1d:05:47:
74:f8:9b:7d:36:b2:47:98:aa:e1:86:0c:c7:d9:28:
75:e6:44:6a:65:81:4c:c9:37:c1:37:59:57:77:a8:
59:62:5f:ac:bc:5a:dc:ca:69:e5:fd:af:55:87:c3:
80:54:40:22:9d:bb:29:1e:37:94:be:ac:69:22:eb:
0b:94:4f:e0:ca:29:49:7a:01:88:7b:57:51:43:a3:
d0:bc:56:95:d9:0a:2c:51:61:37:2b:48:b2:99:59:
51:59:12:22:71:c3:7a:72:e7:87:2d:61:a0:01:57:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B1:B6:5A:4D:11:53:9B:0B:13:50:AE:A5:D0:F3:46:2B:B8:9A:5E
X509v3 Authority Key Identifier:
keyid:51:CF:73:2A:8A:74:39:E9:28:0F:23:EF:57:84:98:14:AF:19:5A:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/ErG2Wk0RU5sLE1CupdDzRiu4ml4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.0.0/17
91.246.26.0/23
185.169.120.0/22
212.74.32.0/19
IPv6:
2a00:17f8::/32
Signature Algorithm: sha256WithRSAEncryption
59:cf:03:d1:19:03:8b:09:a0:eb:60:f4:82:73:34:96:af:f9:
bc:52:f6:0a:d1:1f:90:ff:a9:8a:f0:b4:2a:cb:de:42:3b:e2:
0c:1e:33:a5:22:b8:56:08:13:8b:47:01:59:d7:4b:eb:d1:b2:
24:f8:28:43:86:8c:9f:50:3b:72:bd:e9:69:9a:46:fe:48:9a:
2c:22:d5:7f:83:7c:fc:b3:5a:62:38:c8:e8:34:d0:37:94:3f:
34:aa:d5:0c:e7:d6:dc:14:f7:6c:2f:f0:eb:d6:0f:7d:0f:49:
d9:8c:09:f3:32:ae:1c:b1:69:ea:4f:5e:35:51:a0:83:b7:6c:
de:ac:9e:49:67:54:ec:f2:bf:e1:0a:14:d9:66:b2:06:ee:ea:
a9:42:aa:5d:f6:16:32:79:d7:1d:53:c6:ef:d7:3a:4f:cc:2a:
03:05:38:e4:46:9d:e3:25:3f:f7:b2:1b:88:cc:31:2a:9e:1b:
69:c2:c6:dc:ba:72:be:2c:0d:0a:26:80:12:c3:02:07:21:43:
f9:50:61:16:dc:ba:6b:4d:13:ae:e9:1b:d7:ce:56:aa:0f:30:
c7:a8:4e:c9:68:f2:f3:57:1e:5e:75:11:bc:96:6b:86:2d:40:
7c:e3:32:d0:21:94:eb:77:3c:f7:65:88:2f:80:73:42:71:c5:
f2:43:52:13
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIb0FFeXvuNBzUWPzPOl+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxY2Y3MzJhOGE3NDM5ZTkyODBmMjNlZjU3ODQ5ODE0YWYx
OTVhZTAwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmIxYjY1YTRkMTE1MzliMGIxMzUwYWVhNWQwZjM0NjJiYjg5YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeqppdWeZhDpHQWlo5FYqlO4Qz3y
p9v7d3OAOFeZ5ZkPVgm9xAQkX14NEmKCd/AdO4yfvxYNTxmFjtAj2m2EbO8hVmn9
I023gft3TZGu736FqSKHHG/pd9KCyZ7GAiETEjc5/pKEH+LXxx82w6I2u2UxPYzq
qUOm6nbtOCLHQPUuscUM5p47jJUd3n0t+qlGPNsdBUd0+Jt9NrJHmKrhhgzH2Sh1
5kRqZYFMyTfBN1lXd6hZYl+svFrcymnl/a9Vh8OAVEAinbspHjeUvqxpIusLlE/g
yilJegGIe1dRQ6PQvFaV2QosUWE3K0iymVlRWRIiccN6cueHLWGgAVfT+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBKxtlpNEVObCxNQrqXQ80YruJpeMB8GA1UdIwQY
MBaAFFHPcyqKdDnpKA8j71eEmBSvGVrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWM5ektvcDBPZWtvRHlQdlY0U1lGSzhaV3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy85YTY2MzgtYzhmZC00M2NmLWIxYzQt
YjA3MWM3ZWZkOTE1LzEvRXJHMldrMFJVNXNMRTFDdXBkRHpSaXU0bWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy85YTY2MzgtYzhmZC00M2NmLWIxYzQtYjA3MWM3ZWZkOTE1
LzEvVWM5ektvcDBPZWtvRHlQdlY0U1lGSzhaV3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHBccAAwQB
W/YaAwQCual4AwQF1EogMA0EAgACMAcDBQAqABf4MA0GCSqGSIb3DQEBCwUAA4IB
AQBZzwPRGQOLCaDrYPSCczSWr/m8UvYK0R+Q/6mK8LQqy95CO+IMHjOlIrhWCBOL
RwFZ10vr0bIk+ChDhoyfUDtyvelpmkb+SJosItV/g3z8s1piOMjoNNA3lD80qtUM
59bcFPdsL/Dr1g99D0nZjAnzMq4csWnqT141UaCDt2zerJ5JZ1Ts8r/hChTZZrIG
7uqpQqpd9hYyedcdU8bv1zpPzCoDBTjkRp3jJT/3shuIzDEqnhtpwsbcunK+LA0K
JoASwwIHIUP5UGEW3LprTROu6RvXzlaqDzDHqE7JaPLzVx5edRG8lmuGLUB84zLQ
IZTrdzz3ZYgvgHNCccXyQ1IT
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:13:03 2024 by rpki-client on console-ams.rpki-client.org